﻿//-----------------------------------------------------------------------
// <copyright file="AuthorizationServiceBase.Roles.cs" company="Alan Rodrigues">
//     Copyright (c) Alan Rodrigues. All rights reserved.
// </copyright>
// <developed>Alan Rodrigues (operninha@gmail.com)</developed>
//-----------------------------------------------------------------------

namespace Authorization
{
    using System;
    using Properties;

    public partial class AuthorizationServiceBase
    {
        #region Roles
        public RoleCollection GetAllRoles(string applicationName, string scopeName)
        {
            SecUtility.CheckParameter(ref applicationName, true, true, false, 64, "applicationName");

            var application = AuthorizationStoreManager.GetApplication(applicationName);
            if (application == null)
            {
                throw new AuthorizationException("AuthorizationService.GetAllRoles", Resources.invalid_application);
            }
            return application.GetRoles(scopeName);
        }

        /// <summary>
        /// Retorna o nome dos papeis do sistema
        /// </summary>
        /// <param name="applicationName">nome da Application</param>
        /// <param name="scopeName">Name do <seealso cref="Scope"/> onde será feita a busca dos papeis</param>
        /// <returns>Name dos papeis do Sistema</returns>
        public string[] GetAllRoleNames(string applicationName, string scopeName)
        {
            SecUtility.CheckParameter(ref applicationName, true, true, false, 64, "applicationName");

            var  app = AuthorizationStoreManager.GetApplication(applicationName);
            
            if (app == null)
            {
                throw new AuthorizationException("AuthorizationService.GetAllRoleNames", Resources.invalid_application);
            }

            return app.GetRoleNames(scopeName);
        }

        /// <summary>
        /// 
        /// </summary>
        /// <param name="applicationName"></param>
        /// <param name="scopeName"></param>
        /// <param name="roleName"></param>
        /// <returns></returns>
        public bool RoleExists(string applicationName, string scopeName, string roleName)
        {
            SecUtility.CheckParameter(ref applicationName, true, true, false, 64, "applicationName");
            SecUtility.CheckParameter(ref roleName, true, true, false, 64, "roleName");
            var app = AuthorizationStoreManager.GetApplication(applicationName);

            if (app == null)
            {
                throw new AuthorizationException("AuthorizationService.RoleExists", Resources.invalid_application);
            }

            return app.RoleExists(roleName, scopeName);
        }

        /// <summary>
        /// 
        /// </summary>
        /// <param name="applicationName"></param>
        /// <param name="scopeName"></param>
        /// <param name="roleName"></param>
        /// <returns></returns>
        public Role GetRole(string applicationName, string scopeName, string roleName)
        {
            SecUtility.CheckParameter(ref applicationName, true, true, false, 64, "applicationName");
            SecUtility.CheckParameter(ref roleName, true, true, false, 64, "roleName");

            var app = AuthorizationStoreManager.GetApplication(applicationName);

            if (app == null)
            {
                throw new AuthorizationException("AuthorizationService.GetRole", Resources.invalid_application);
            }

            return app.GetRole(roleName, scopeName);
        }

        public Role CreateRole(string applicationName, string scopeName, string roleName, string description)
        {
            SecUtility.CheckParameter(ref applicationName, true, true, false, 64, "applicationName");
            SecUtility.CheckParameter(ref roleName, true, true, false, 64, "roleName");

            Application application = AuthorizationStoreManager.GetApplication(applicationName);

            if (application == null)
            {
                throw new AuthorizationException("AuthorizationService.CreateRole", Resources.invalid_application);
            }

            Role role = application.CreateRole(roleName, description, scopeName);
            role.Description = description;
            role.Save();
            return role;
        }

        public void DeleteRole(string applicationName, string scopeName, string roleName, bool throwOnPopulatedRole)
        {
            SecUtility.CheckParameter(ref applicationName, true, true, false, 64, "applicationName");
            SecUtility.CheckParameter(ref roleName, true, true, false, 64, "roleName");

           var application = AuthorizationStoreManager.GetApplication(applicationName);

            if (application == null)
            {
                throw new AuthorizationException("AuthorizationService.DeleteRole", Resources.invalid_application);
            }

            application.DeleteRole(roleName, scopeName);
            application.Save();
        }        

        public void UpdateRole(string applicationName, string scopeName, string roleName, string newRoleName, string newDescription)
        {
            SecUtility.CheckParameter(ref applicationName, true, true, false, 64, "applicationName");
            SecUtility.CheckParameter(ref roleName, true, true, false, 64, "roleName");
            SecUtility.CheckParameter(ref newRoleName, true, true, false, 64, "newRoleName");

            var application = AuthorizationStoreManager.GetApplication(applicationName);

            if (application == null)
            {
                throw new AuthorizationException("AuthorizationService.UpdateRole", Resources.invalid_application);
            }
        }


        public void AddUsersToRoles(string applicationName, string scopeName, string[] SIDs, string[] roleNames)
        {
            SecUtility.CheckParameter(ref applicationName, true, true, false, 64, "applicationName");
            SecUtility.CheckArrayParameter(ref roleNames, true, true, false, 64, "roleNames");
            SecUtility.CheckArrayParameter(ref SIDs, true, true, false, 64, "SIDs");

            var application = AuthorizationStoreManager.GetApplication(applicationName);

            if (application == null)
            {
                throw new AuthorizationException("AuthorizationService.AddUsersToRoles", Resources.invalid_application);
            }

            foreach (var roleName in roleNames)
            {
                var role = application.GetRoleAssignment(roleName, scopeName);
                role.AddMembers(SIDs);
                role.Save();
            }
        }

        public void AddUserNamesToRoles(string applicationName, string scopeName, string[] usernames, string[] roleNames)
        {
            SecUtility.CheckParameter(ref applicationName, true, true, false, 64, "applicationName");
            SecUtility.CheckArrayParameter(ref roleNames, true, true, false, 64, "roleNames");
            SecUtility.CheckArrayParameter(ref usernames, true, true, false, 64, "usernames");

            var application = AuthorizationStoreManager.GetApplication(applicationName);

            if (application == null)
            {
                throw new AuthorizationException("AuthorizationService.AddUserNamesToRoles", Resources.invalid_application);
            }

            foreach (var roleName in roleNames)
            {
                var role = application.GetRoleAssignment(roleName, scopeName);
                role.AddMemberNames(usernames);
                role.Save();
            }
        }

        #endregion
    }
}
